I‘m sorry for You. I can see how you‘d think that your software is providing society a service. And yet from my perspective your software is malware. I don’t think you have considered the legal ramifications of your software in all markets where the app store is offered. Aside from the legal risk to You, there is also a reputational risk to Apple, a company trying to rebrand itself by focussing on privacy (CSAM nonwithstanding). Do you have safeguards that can 100% rule out the use of your App as spyware ? I think you should move on with your life.
> And yet from my perspective your software is malware.
At first I thought exactly this. This app is disclosing what it does, in the open. The product is very direct and clear what it does, and how it does it. One of the hallmarks of malware is that is is doing things without the user knowing, or in many cases wanting. The only way I would install this is if I wanted it to do exactly what it does.
> Do you have safeguards that can 100% rule out the use of your App as spyware ?
I'm not sure that this is really what is needed here. Any app with telemetry, especially screenshots could be used as spyware. In this case, the app is not hidden, is installed by the user, and it is very clear what it does. There's nothing clandestine or spy-ish about it. It is literally marketed saying this app will take and send screenshots to a person you pick.
> I don’t think you have considered the legal ramifications
This is probably where the biggest potential problems really are: truple is collecting evidence that likely would be used against users in court - be it civil court where it could be used to prove you were doing something bad at 10am (you were chatting instead of working) last week or criminal court where the screenshot might be used as direct evidence of a crime.
With regards to the last point. Truple offers end-to-end encryption. We also permanently delete all accountability data once it's 15 days old. Not saying it's without risk, just that I've done everything I can to mitigate the risks of data getting into hands it shouldn't.
Competitors currently allowed by Apple don't offer end-to-end encryption. Most delete data eventually, but 15 days is the shortest retention I'm aware of.
It's not malware if it's voluntarily installed and wanted by the end user, provides a persistent notification indicating that monitoring is occurring, etc. These are the requirements Apple/Google have for parental control type apps.
In case you didn't read the full description, Apple is allowing competitors to do the same thing.
I've gone over privacy concerns with lawyers though I appreciate your concern/suggestions.
> And yet from my perspective your software is malware.
So don't buy/install it. But don't take away that choice from other people. I have a good married friend who uses parental control software on himself to reduce the temptation to look at porn. It basically just gives his wife access to his browsing history. Sure, he could bypass it a number of ways if he was really determined, but it's more about just raising the level of effort required so that impulsive usage is mitigated.
> So don't buy/install it. But don't take away that choice from other people.
It's not that simple. You are purposefully bringing up an extremely rare use case to detract from the fact that 99% of users of this software are going to be abusive parents who install it on their children's phones without consent. (Or heck, maybe even abusive spouses.) If parents are that concerned, even banning their children from "innocent" apps like Twitter or computer/phone use altogether is better than this invasive 1984-like software.
Designing systems that don't empower abusers is so, so incredibly important.
Completely separately, though, it's also the case that OP is essentially building an Internet-connected backdoor into the system that will have been permitted to monitor cross-app activity. Even if data is E2E encrypted, that doesn't mean the software is immune from vulnerabilities that could then piggyback on the elevated permissions given to the app. And OP being a bootstrapped developer without the resources to have robust security practices is a liability here. Apple's response to treat this as a vulnerability is reasonable.
(As a side note, if OP wanted to distribute source code and unsigned binaries, macOS would allow an end user to run that software, and that's a perfectly reasonable caveat emptor for me. But Apple is under no obligation to digitally vouch for software that enables abusers and hackers.)
I mean, you can run any binary you want on MacOS if you disable Gatekeeper or go into the security settings and allow an exception for it. The developer doesn't need to be known or notarized by Apple. If you trust the source, go for it. If it's your wife or child's computer and you're installing spyware on it anyway, why worry?
> install it on their children's phones without consent
That's a curious phrasing. Are you implying a parent needs consent from their minor child to install something, anything they deem appropriate, on "their" phone?
I'm not the person you were replying to, but yes. That would be an extreme breach of trust and especially with the level of detail that's being collected here, effectively removing all privacy, it's just not ok. This could have disastrous consequences for ex. closeted LGBTQ+ youth with unsupportive parents who could kick them out of the house or worse if they found out.
Not to mention how socially alienating it would be to have this on your phone- who wants to text the person whose parents listen in to every conversation they have?
There's nothing immoral about it if the parent is up front with the child, the child knows the device is monitored. If they don't want to be monitored, then they don't get the device. I know for a fact once my kids are older not a packet will leave my house without getting snooped at least by a parent controls filter. I'm sure they'll find ways around it (as I did as a technical child) but kids need to be protected from devices and the internet just as much as they need to have access. There is a great deal of harmful and damaging content - social media being the least of it in many ways. If a kid feels they need to hide something as meaningful as issues about sexuality (which I do understand is common) from their parents, the issue is not the filters, it's the relationship, and the solution isn't to give the minor free reign to choose to use the internet unabated according to their own wisdom. Once they're an adult, fine. I guess there are just extremely different views on parental authority today.
The position being put forth here is frankly rather horrific and abusive, and on multiple levels. Normally I'd aim to provide a more substantive response, but I'm not even sure where to begin.
I find the idea of snooping horrific and yet strangely find myself agreeing with the parent, because it may be the lesser of two evils at this point. So much of what's online and what can happen to a kid online is even more horrific. FWIW, I don't have kids, so I'm not sure what I'd do. But I know I had my first sex chat on IRC when I was 12, in the dialup days, and it could have gone pretty badly if I hadn't been paranoid enough not to give out my phone number or address to the "14 year old girl" I was chatting with. Things are much, much, much worse now.
I would feel deeply uncomfortable if a parent (or anyone, really) were able to essentially listen in on every conversation I have. A tool that goes this far with monitoring really needs to be installed with consent from all parties.
I'm not at all convinced this is an extremely rare use case. There are hundreds of thousands of Christian pastors, priests and ministers of religion who would probably find this very useful. There are a lot of Christians who would also find this useful, for themselves.
> You are purposefully bringing up an extremely rare use case to detract from the fact that 99% of users of this software are going to be abusive parents
What exactly is abusive about me wanting to know if my 6 year old is watching porn?
Are parents that signed up for Youtube Kids abusive, too? Is Google abusive for filtering the videos? And are all those who shared articles about how porn was showing up in YTKids abusive for letting parents know that their children might have been exposed to mature material?
I think there's a big qualitative difference between having a Youtube Kids profile and filtering access to certain content versus completely negating a child's digital privacy like this. It actually reminds me of that one Black Mirror episode[1].
Ethically, I agree with the UN Convention on the Rights of the Child[2], which states in Article 16:
>No child shall be subjected to arbitrary or unlawful interference with his or her privacy [...].
>The child has the right to the protection of the law against such interference or attacks.
So, to be clear, the government can keep tabs on what my child watches. Google can keep track of exactly what my child watches. Twitter can filter based on its morals, what my child can see and share, as well as monitor everything they read and watch and say.
But I, as the parent that is actually responsible for the child (and may face lawsuits if I don't) am not allowed to do any of that.
Governments and companies like Google/Twitter definitely have some shady tracking practices, sometimes even tracking between different apps and websites, but it's still nowhere near as invasive as taking a screenshot of every single thing that happens on your child's phone.
Reveal to a loved one, someone of their choosing. It's not revealing it to the world or even to Truple.
> The whole purpose of this software is to the reveal the private life of others. Why should people be able to install malware on other people's devices?
People shouldn't be allowed to do it to other peoples devices. People should be allowed to install software on their down devices, for their kids or for their own use to help with online behaviors/addictions.
If it's your own device, I guess it's fine. I'm not sure I would consider my child's phone to be my device though. I certainly wouldn't have tolerated that sort of behavior from my parents when I was a kid myself.
Whether the device your child uses is yours, or theirs, that's up to you as the parent to decide.
> I certainly wouldn't have tolerated that sort of behavior from my parents when I was a kid myself.
Kids will be kids. I would have been the same way. I learned to pick a lock on the computer desk as a kid in order to play computer games after I was supposed to be in bed. The issues is the negative impact of tech is only growing, and it's harder and harder for kids to come out unscathed.
A relationship that involves one partner snooping on the others phone like this is not a healthy relationship. If trust is eroded to that level the solution is counseling, separation or divorce. Not 24/7 surveillance - that's insane.
Not to mention people in abusive relationships who might be coerced into using this. Just because they're aware it's on their phone doesn't mean it isn't being used to control them.
I do think if and only if a partner actually thought they had a problem and needed an app like this to help them through that problem, then it is fine.
I mean you should feel safe enough to come to your partner for help and voluntarily do something like this.
But generally I agree with what you are saying and it is very worrysome. Which is my entire issue with this app. Looking at the marketing it is not focused on the partner looking for help, it is giving praising reviews from the spouses and parents violating their "loved ones" (purposefully put in quotes if you deem something like this necessary) privacy.
My friend doesn't trust himself not to look at porn without a safety rail, so he bought a safety rail and gave his wife the key, so to speak. How does that make his marriage toxic?
I think this is what he told you to save face about being in a toxic relationship. Unless he has a problem or is looking at something illegal, I'd say the average person looks at porn sometimes and that there is nothing wrong with it. Even if he was being upfront and honest, why would he put something like this on his partner? It makes no sense. I have married friends and have been married for 21 years, I've never heard of anything like this in a healthy relationship.
I think you're probably just not in the circles that do this. Christian men do this all the time, either with their wives as the 'accountability partner' or a male Christian friend. It might be your opinion that there's nothing wrong with looking at porn occasionally but there are large groups that don't believe it is (eg most Christians) and if a married couple with that belief agree to set up an accountability system like this, whose right is it go deny that. Seems a bit like discrimination.
> And yet from my perspective your software is malware.
Your perspective is objectively incorrect. Something cannot be "malware" if it is intentionally installed for a purpose beneficial to the installer, doesn't contain hidden anti-features, or doesn't make itself intentionally hard to uninstall (modulo the obvious cases where that's a feature, such as find-my-stolen-device tools, and this one).
> I think you should move on with your life.
This is useless and the opposite of helpful. If you don't have anything constructive to say on HN, perhaps you shouldn't say anything at all.
> I‘m sorry for You. I can see how you‘d think that your software is providing society a service.
I also don't want Apple approving apps which can essentially take over everything and eliminate all safety or privacy guarantees... but this developer is also saying that Apple has approved competitors of the same nature.
I don't know how accurate the fine details are, but this story in its broad outlines seems very unfair and capricious.
Competitors are allowed to capture screenshots randomly and send those screenshots to someone. The details are very similar. Interestingly enough, competitors don't end-to-end encrypt the data. Only I do that.
If there was some little tweak that was super important to Apple, I'd hope they'd let me know about it instead of being silent though. I'm willing to adjust based on their feedback, but they say nothing.
> I also don't want Apple approving apps which can essentially take over everything and eliminate all safety or privacy guarantees.
Unfortunately, it won't happen because that would mean Apple need to ban MDM software from the App Store. Thousands of thousands of companies using MDM and it won't be a good move for Apple if they attempt to do so. Apple could do it, but they will lose profits, money talks louder than doing for the goodwill.
